Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-22 | CVE-2017-15730 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php. | 6.8 |
2017-10-22 | CVE-2017-15729 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary. | 6.8 |
2017-10-19 | CVE-2017-15645 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin CSRF exists in Webmin 1.850. | 6.8 |
2017-10-19 | CVE-2017-12271 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Spa300 Firmware and Spa500 Firmware A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. | 8.8 |
2017-10-18 | CVE-2017-14956 | Cross-Site Request Forgery (CSRF) vulnerability in Alienvault Unified Security Management 4.14 AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. | 3.5 |
2017-10-18 | CVE-2015-7715 | Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Property Listing 8.9/8.9.2 Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php. | 6.8 |
2017-10-18 | CVE-2014-3709 | Cross-Site Request Forgery (CSRF) vulnerability in Keycloak The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection. | 6.8 |
2017-10-17 | CVE-2017-14011 | Cross-Site Request Forgery (CSRF) vulnerability in Prominent Multiflex M10A Controller Firmware A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. | 6.8 |
2017-10-16 | CVE-2017-15296 | Cross-Site Request Forgery (CSRF) vulnerability in SAP Customer Relationship Management The Java component in SAP CRM has CSRF. | 6.8 |
2017-10-13 | CVE-2016-1265 | Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos Space A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. | 7.5 |